﻿<!--#include file="utf-8.asp"-->
<!--#include file="conn.asp"-->

<script language="JavaScript" type="text/javascript">
    function addCookie(objName, objValue, objHours) {//添加cookie
        var str = objName + "=" + escape(objValue);
        if (objHours > 0) {//为0时不设定过期时间，浏览器关闭时cookie自动消失
            var date = new Date();
            var ms = objHours * 3600 * 1000;
            date.setTime(date.getTime() + ms);
            str += "; expires=" + date.toGMTString();
        }
        document.cookie = str;
    }

    function getCookie(objName) {//获取指定名称的cookie的值
        var arrStr = document.cookie.split("; ");
        for (var i = 0; i < arrStr.length; i++) {
            var temp = arrStr[i].split("=");
            if (temp[0] == objName) return unescape(temp[1]);
        }
    }

    function delCookie(name) {//为了删除指定名称的cookie，可以将其过期时间设定为一个过去的时间
        var date = new Date();
        date.setTime(date.getTime() - 10000);
        document.cookie = name + "=a; expires=" + date.toGMTString();
    }
   </script>

<%	
set rs=server.createobject("adodb.recordset") 
exec="select * from [user] where user_name='"&request("username")&"'" 
set rs=conn.execute(exec) 
if not rs.eof then
    if request("password") = rs("user_pass") then
        Session("username")=request("username")
        Session.Timeout = 1440
        response.Write("<script language=javascript>addCookie('sd-username','"&request("username")&"',720);</script>") 
        response.write(request("savepassword"))
        if request("savepassword") = "on" then
            response.Write("<script language=javascript>addCookie('sd-password','"&request("password")&"',720);</script>") 
        else
            response.Write("<script language=javascript>delCookie('sd-password');</script>") 
        end if
        response.write "<script>window.location.href='userinfo.asp'</script>"
        response.end
    else
        response.Write("<script language=javascript>alert('密码不正确!')</script>") 
        response.end     
    end if
else    
    response.Write("<script language=javascript>alert('用户名不存在!')</script>") 
    response.end 
end if
rs.close
set rs =nothing
%>



